Lucene search
K

11 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2020-25597

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Xen through 4.14.x. There is mishandling of the constraint that once-valid event channels may not turn invalid. Logic in the handling...

6.5CVSS6.3AI score0.00358EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 4:7 a.m.4 views

SUSE CVE-2019-18421

An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to gain host OS privileges by leveraging race conditions in pagetable promotion and demotion operations. There are issues with restartable PV type change operations. To avoid using shadow pagetables for PV guests, Xen...

8.2CVSS7.7AI score0.01679EPSS
Exploits0References13
SUSE CVE
SUSE CVE
added 2023/02/15 3:54 a.m.4 views

SUSE CVE-2020-25597

An issue was discovered in Xen through 4.14.x. There is mishandling of the constraint that once-valid event channels may not turn invalid. Logic in the handling of event channel operations in Xen assumes that an event channel, once valid, will not become invalid over the life time of a guest...

6.5CVSS6.6AI score0.00358EPSS
Exploits0References17
RedhatCVE
RedhatCVE
added 2020/10/23 7:5 p.m.25 views

CVE-2020-27670

A flaw was found in Xen in the AMD IOMMU page table updates. This flaw allows a malicious guest to cause a denial of service, host data corruption, or potential privilege escalation. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...

7.8CVSS3.3AI score0.00251EPSS
Exploits0References4
OSV
OSV
added 2020/09/23 10:15 p.m.2 views

ALPINE-CVE-2020-25597

An issue was discovered in Xen through 4.14.x. There is mishandling of the constraint that once-valid event channels may not turn invalid. Logic in the handling of event channel operations in Xen assumes that an event channel, once valid, will not become invalid over the life time of a guest...

6.5CVSS6.6AI score0.00358EPSS
Exploits0References1
OSV
OSV
added 2020/09/23 10:15 p.m.2 views

DEBIAN-CVE-2020-25597

An issue was discovered in Xen through 4.14.x. There is mishandling of the constraint that once-valid event channels may not turn invalid. Logic in the handling of event channel operations in Xen assumes that an event channel, once valid, will not become invalid over the life time of a guest...

6.5CVSS6.2AI score0.00358EPSS
Exploits0References1
OSV
OSV
added 2020/09/23 10:15 p.m.3 views

UBUNTU-CVE-2020-25597

An issue was discovered in Xen through 4.14.x. There is mishandling of the constraint that once-valid event channels may not turn invalid. Logic in the handling of event channel operations in Xen assumes that an event channel, once valid, will not become invalid over the life time of a guest...

6.5CVSS6.5AI score0.00358EPSS
Exploits0References4
OSV
OSV
added 2019/10/31 2:15 p.m.2 views

DEBIAN-CVE-2019-18421

An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS users to gain host OS privileges by leveraging race conditions in pagetable promotion and demotion operations. There are issues with restartable PV type change operations. To avoid using shadow pagetables for PV guests, Xen...

7.5CVSS6.8AI score0.01679EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2019/10/31 12:0 a.m.8 views

PT-2019-4883 · Xen +1 · Xen +1

Name of the Vulnerable Software and Affected Versions: Xen versions through 4.12.x Description: The issue is related to a flaw in restartable PV type change operations, which can be exploited by a remote attacker to gain access to confidential data, compromise its integrity, and cause a denial of...

9.8CVSS7.7AI score0.16658EPSS
Exploits4References188
Xen Project
Xen Project
added 2013/09/10 10:56 a.m.93 views

libxl partially sets up HVM passthrough even with disabled iommu

ISSUE DESCRIPTION With HVM domains, libxl's setup of PCI passthrough devices does the IOMMU setup after giving via the device model the guest access to the hardware and advertising it to the guest. If the IOMMU is disabled the overall setup fails, but after the device has been made available to t...

6.5CVSS2AI score0.00531EPSS
Exploits0Affected Software1
Xen Project
Xen Project
added 2012/08/09 12:0 p.m.12 views

HVM guest destroy p2m teardown host DoS vulnerability

ISSUE DESCRIPTION An HVM guest is able to manipulate its physical address space such that tearing down the guest takes an extended period amount of time searching for shared pages. This causes the domain 0 VCPU which tears down the domain to be blocked in the destroy hypercall. This causes that...

4.9CVSS7.1AI score0.00416EPSS
Exploits0
Rows per page
Query Builder